[Gtk-sharp-list] LibGlade
Paolo Molaro
lupus@ximian.com
Tue, 20 Aug 2002 14:04:38 +0200
On 08/19/02 Mike Kestner wrote:
> > If there is _one_ entry point that the user can call that takes a IntPtr
> > and passes it on blindly to be used as a GList* or GtkWidget* or
> > something like that, that's enough to make all the CLR security go down
> > the toilet. Is the plan for gtk# to allow that?
>
> Widget*? The GObject pointers are only used to invoke native methods.
> The native methods have all manner of cast/type checking built in. It's
So, if we want to audit the Gtk# interface for the CLR memory integrity,
we need to go and audit all of Gtk+ as well? Very nice.
Also note that the g_return_* checks in gtk are optional, they may well
not be there at all:
#define g_return_if_fail(expr) G_STMT_START{ (void)0; }G_STMT_END
#define g_return_val_if_fail(expr,val) G_STMT_START{ (void)0; }G_STMT_END
They are there for debugging, not to enforce security checks.
> not like Gtk# is using the handles to indescriminately "scribble" across
Read what I wrote: the _user_ of Gtk# may scribble on the memory.
If it's Gtk# that does it that's simply a bug that needs fixing.
If Gtk# allows the user to do it, that's a design mistake, IMHO.
> the heap. If we want to be completely anal-retentive, we can always add
> a little glue check to call G_IS_OBJECT in the base GLib.Object(IntPtr)
> ctor.
That would help, though if you create a wrapper object for the wrong
derived type, a check for G_IS_OBJECT is not enough. And there would
still be the problem with the other interfaces that use IntPtrs for
structs.
BTW, sizeof(GtkType) == sizeof(gpointer) in Gtk/Glib 2.0, so you can't
use an int in C# to store it's value.
> > I think gtk# should provide a trustable interface: if the gtk# team
> > disagrees, fine, but I think it's a mistake.
>
> Impressively melodramatic.
Apparently you take the discussion emotionally: I'll raise the issue
again when you'll be ready to discuss the technical issues.
lupus
--
-----------------------------------------------------------------
lupus@debian.org debian/rules
lupus@ximian.com Monkeys do it better